Skip to content

Adding headers for Chemist to check API key restriction. #821

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Sep 18, 2019
Merged

Adding headers for Chemist to check API key restriction. #821

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion firebase-installations/api.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ package com.google.firebase.installations.local {
package com.google.firebase.installations.remote {

public class FirebaseInstallationServiceClient {
ctor public FirebaseInstallationServiceClient();
ctor public FirebaseInstallationServiceClient(@NonNull Context);
method @NonNull public com.google.firebase.installations.remote.InstallationResponse createFirebaseInstallation(@NonNull String, @NonNull String, @NonNull String, @NonNull String) throws com.google.firebase.installations.remote.FirebaseInstallationServiceException;
method @NonNull public void deleteFirebaseInstallation(@NonNull String, @NonNull String, @NonNull String, @NonNull String) throws com.google.firebase.installations.remote.FirebaseInstallationServiceException;
method @NonNull public InstallationTokenResult generateAuthToken(@NonNull String, @NonNull String, @NonNull String, @NonNull String) throws com.google.firebase.installations.remote.FirebaseInstallationServiceException;
Expand Down
2 changes: 1 addition & 1 deletion ...-installations/src/main/java/com/google/firebase/installations/FirebaseInstallations.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ public class FirebaseInstallations implements FirebaseInstallationsApi {
DefaultClock.getInstance(),
new ThreadPoolExecutor(0, 1, 30L, TimeUnit.SECONDS, new LinkedBlockingQueue<>()),
firebaseApp,
new FirebaseInstallationServiceClient(),
new FirebaseInstallationServiceClient(firebaseApp.getApplicationContext()),
new PersistedFid(firebaseApp),
new Utils());
}
Expand Down
39 changes: 39 additions & 0 deletions ...main/java/com/google/firebase/installations/remote/FirebaseInstallationServiceClient.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,15 @@

package com.google.firebase.installations.remote;

import static android.content.ContentValues.TAG;

import android.content.Context;
import android.content.pm.PackageManager;
import android.util.JsonReader;
import android.util.Log;
import androidx.annotation.NonNull;
import com.google.android.gms.common.util.AndroidUtilsLight;
import com.google.android.gms.common.util.Hex;
import com.google.firebase.installations.InstallationTokenResult;
import java.io.IOException;
import java.io.InputStreamReader;
Expand Down Expand Up @@ -49,6 +56,15 @@ public class FirebaseInstallationServiceClient {
private static final String INTERNAL_SERVER_ERROR_MESSAGE = "There was an internal server error.";
private static final String NETWORK_ERROR_MESSAGE = "The server returned an unexpected error:";

private static final String X_ANDROID_PACKAGE_HEADER_KEY = "X-Android-Package";
private static final String X_ANDROID_CERT_HEADER_KEY = "X-Android-Cert";

private final Context context;

public FirebaseInstallationServiceClient(@NonNull Context context) {
this.context = context;
}

/**
* Creates a FID on the FIS Servers by calling FirebaseInstallations API create method.
*
Expand Down Expand Up @@ -79,6 +95,10 @@ public InstallationResponse createFirebaseInstallation(
httpsURLConnection.addRequestProperty(CONTENT_TYPE_HEADER_KEY, JSON_CONTENT_TYPE);
httpsURLConnection.addRequestProperty(ACCEPT_HEADER_KEY, JSON_CONTENT_TYPE);
httpsURLConnection.addRequestProperty(CONTENT_ENCODING_HEADER_KEY, GZIP_CONTENT_ENCODING);
httpsURLConnection.addRequestProperty(X_ANDROID_PACKAGE_HEADER_KEY, context.getPackageName());
httpsURLConnection.addRequestProperty(
X_ANDROID_CERT_HEADER_KEY, getFingerprintHashForPackage());

GZIPOutputStream gzipOutputStream =
new GZIPOutputStream(httpsURLConnection.getOutputStream());
try {
Expand Down Expand Up @@ -282,4 +302,23 @@ private InstallationTokenResult readGenerateAuthTokenResponse(HttpsURLConnection

return builder.build();
}

/** Gets the Android package's SHA-1 fingerprint. */
private String getFingerprintHashForPackage() {
byte[] hash;

try {
hash = AndroidUtilsLight.getPackageCertificateHashBytes(context, context.getPackageName());

if (hash == null) {
Log.e(TAG, "Could not get fingerprint hash for package: " + context.getPackageName());
return null;
} else {
return Hex.bytesToStringUppercase(hash, /* zeroTerminated= */ false);
}
} catch (PackageManager.NameNotFoundException e) {
Log.e(TAG, "No such package: " + context.getPackageName(), e);
return null;
}
}
}